<?php
/**
 *
 * 版权所有：
 * 作    者：huangwy
 * 日    期：2018-01-04
 * 版    本：1.0.0
 * 功能说明：后台公用控制器。
 *
 **/
namespace Admin\Controller;
use Think\Controller;
use Think\Auth;

class BaseController extends Controller {
    /**
     * 空方法处理
     * @return string
     */
     public function _empty(){
//        echo "非法请求操作";
         $this->error('非法请求操作!');
    }
    
    public function _initialize(){
         C(setting());//保存配置参数
         if (!C("COOKIE_SALT")){  
//             echo ('请配置COOKIE_SALT信息');exit;
             $this->error('请配置COOKIE_SALT信息!');
         }
         
        // 不需要登录控制器 Publics
        if (in_array(CONTROLLER_NAME, array("Publics"))) {
            return true;
        }
        //检测是否登录
        $flag =  $this->check_login();
        $url = U("Publics/login");
        if (!$flag) {
            header("Location: {$url}");
            exit(0);
        }
        
        $model = M('user');
        $prefix = C('DB_PREFIX');
        $UID = $this->USER['uid'];
        $userinfo = $model->query("SELECT * FROM {$prefix}auth_group g left join {$prefix}auth_group_access a on g.id=a.group_id where a.uid=$UID");
        //auth权限
        $Auth = new Auth();
        $allow_controller_name = array('Upload');//放行控制器名称
        $allow_action_name = array();//放行函数名称
        
        if ($userinfo[0]['group_id'] != 1 && !$Auth->check(CONTROLLER_NAME . '/' . ACTION_NAME,
            $UID) && !in_array(CONTROLLER_NAME, $allow_controller_name) && !in_array(ACTION_NAME,
                $allow_action_name)){
            $this->error('没有权限访问本页面!');
        }
        
        $user = member_info(intval($UID),'uid,user,head,sex');//获取用户信息
        $this->assign('user', $user);
        
        $current_action_name = ACTION_NAME == 'edit' ? "index" : ACTION_NAME;
        //select * from A表   A left join B表  B ON B.条件 = A.条件   where A.条件 = 值
        $current = $model->query("SELECT s.id,s.title,s.name,s.tips,s.pid,p.pid as ppid,p.title as ptitle FROM {$prefix}auth_rule s left join {$prefix}auth_rule p on p.id=s.pid where s.name='" . CONTROLLER_NAME . '/' . $current_action_name . "'");
        $this->assign('current', $current[0]);
        
        $menu_access_id = $userinfo[0]['rules'];
        
        if ($userinfo[0]['group_id'] != 1) {
            $menu_where = "AND id in ($menu_access_id)";
        } else {
            $menu_where = '';
        }
        $menu = M('auth_rule')->field('id,title,pid,name,icon')->where("islink=1 $menu_where ")->order('o ASC')->select();
        $menu = getMenu($menu);
        $this->assign('menu', $menu);
        
    }
    
    
    /**
     * 检查是否登录
     * @return boolean
     */
    public function check_login(){
        session_start();
        $flag = false;
        $salt = C("COOKIE_SALT");
        $ip = get_client_ip();
        $ua = $_SERVER['HTTP_USER_AGENT'];//浏览器
        $auth = cookie('auth');
        $uid = session('uid');
        
        if ($uid) {
            $user = M('user')->where(array('uid' => $uid))->find();
            if ($user) {
                if ($auth ==  password($uid.$user['user'].$ip.$ua.$salt)) {
                    $flag = true;
                    $this->USER = $user;
                }
            }
        }
        return $flag;
    }
}